malpercio.dev / atbb
WIP! A BB-style forum, on the ATmosphere! We're still working... we'll be back soon when we have something to show off!
node typescript hono htmx atproto
fork atom

Constrain OAuth Scopes to only what is needed by atBB #2

closed opened by malpercio.dev targeting main from adjust-oauth-scopes

Will require a new login for all users, but a deploy does that anyway since sessions are stored in memory currently ðŸĪŠ

Labels

None yet.

assignee

None yet.

Participants 1
AT URI
at://did:web:malpercio.dev/sh.tangled.repo.pull/3mfrrwn6gfi22
+1 -1
Diff #0
+1 -1
apps/appview/src/lib/app-context.ts
··· 78 78 client_name: "atBB Forum", 79 79 client_uri: oauthUrl, 80 80 redirect_uris: [`${oauthUrl}/api/auth/callback`], 81 - scope: "atproto transition:generic", 81 + scope: "atproto include:space.atbb.authFull rpc:app.bsky.actor.getProfile?aud=did:web:api.bsky.app%23bsky_appview", 82 82 grant_types: ["authorization_code", "refresh_token"], 83 83 response_types: ["code"], 84 84 application_type: "web",

History

1 round 0 comments
sign up or login to add to the discussion
malpercio.dev submitted #0
1 commit
expand
77ab53e5
feat: constrain oauth scopes
expand 0 comments
closed without merging